5d106f6d13c730e9f372942e83764f25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d106f6d13c730e9f372942e83764f25_JaffaCakes118
Size

1.4MB
MD5

5d106f6d13c730e9f372942e83764f25
SHA1

0fc47012bc67e6a0d34a0c8a5fa621ab90ae0bb5
SHA256

24c5c06e4f6f910d0328ba7bd9c5d985423c71c07d82dde2fc62cb80443abb39
SHA512

e715473ba3780b2f71c4ef97e13fa5ee5d0025ec1fa8333a3436cd5cb4acbeabe68386881756f8c100f9655dfe2ab85bd1d334cf18a2dc7f6a05a03bb2ead83f
SSDEEP

24576:rPlqb7nUnw8uEV3LhbZolRTtjtbS0bisjonFHTNcbBRTS/qvo+T9Ub:rw7nH8uabhNaTtJxSzNcbXW/qv5T0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d106f6d13c730e9f372942e83764f25_JaffaCakes118

Files

5d106f6d13c730e9f372942e83764f25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b4bd6884e92212bf8eed6a8293b5fe2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileAttributesW
GetFileTime
FindNextFileW
SetErrorMode
HeapFree
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
RaiseException
ExitThread
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedDecrement
GetCurrentProcessId
FormatMessageW
LocalFree
GlobalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
GetVersionExA
MulDiv
SetEvent
GetTickCount
ResumeThread
SetThreadPriority
CreateEventW
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameW
CreateThread
TerminateThread
GetVersion
Sleep
GetLocalTime
FindClose
LeaveCriticalSection
InterlockedExchange
DeleteCriticalSection
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
OpenProcess
lstrcmpW
lstrcpyW
FreeResource
CreateFileW
DeleteFileW
lstrcatW
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
GetModuleHandleA
CopyFileA
lstrcpyA
CreateDirectoryA
CloseHandle
WriteFile
CreateFileA
lstrcmpA
lstrcatA
GetModuleFileNameA
WaitForSingleObject
CreateMutexW
LockResource
LoadResource
SizeofResource
FindResourceA
ExitProcess
LoadLibraryA
GetProcessHeap
HeapAlloc
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetDriveTypeA
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetLogicalDrives
GetVolumeInformationA
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
VirtualQuery
lstrlenA

user32

GetSysColorBrush
CharUpperW
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DestroyMenu
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
IsWindowVisible
GetMenu
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
TabbedTextOutW
IsWindow
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
RemovePropW
UnregisterClassW
GetFocus
CopyRect
SetCursor
LoadCursorW
InvalidateRect
GetParent
GetMenuItemID
PostMessageW
TrackPopupMenu
GetCursorPos
SetMenuDefaultItem
GetSubMenu
LoadMenuW
KillTimer
PostThreadMessageW
SetForegroundWindow
UpdateWindow
GetSysColor
wsprintfW
SetActiveWindow
GetActiveWindow
SetFocus
IsWindowEnabled
GetDesktopWindow
RegisterWindowMessageW
LoadIconA
GetWindowRect
AppendMenuW
CreatePopupMenu
DrawIcon
LoadIconW
GetClientRect
GetSystemMetrics
EnableWindow
SendMessageW
IsIconic
UnregisterClassA

gdi32

ExtSelectClipRgn
CreateBitmap
GetViewportExtEx
GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetObjectW
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDIBSection
DeleteObject
DeleteDC
GetStockObject
GetCurrentObject
CreateFontW
CreateFontIndirectW
BitBlt
SelectObject
CreateCompatibleDC
GetWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegEnumValueA
RegCreateKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CLSIDFromProgID
CoRegisterMessageFilter
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdipCloneImage
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromStream
GdipDisposeImage
GdipFree
GdipCreateHBITMAPFromBitmap

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

wininet

InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetConnectedState

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 702KB - Virtual size: 702KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b4bd6884e92212bf8eed6a8293b5fe2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

psapi

wininet

Sections

.text Size: 448KB - Virtual size: 448KB

.rdata Size: 257KB - Virtual size: 256KB

.data Size: 46KB - Virtual size: 62KB

.rsrc Size: 702KB - Virtual size: 702KB

.text
Size: 448KB - Virtual size: 448KB

.rdata
Size: 257KB - Virtual size: 256KB

.data
Size: 46KB - Virtual size: 62KB

.rsrc
Size: 702KB - Virtual size: 702KB